operating-kubernetes
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE, CREDENTIALS_UNSAFE, COMMAND_EXECUTION
Full Analysis
- **CREDENTIALS_UNSAFE (LOW):** Hardcoded placeholder credentials found in example manifests.
  - Evidence: `examples/manifests/keda-rabbitmq.yaml` contains a hardcoded AMQP connection string `amqp://user:password@rabbitmq.default.svc.cluster.local:5672`.
- **COMMAND_EXECUTION (LOW):** Potential for command injection or unexpected behavior due to unvalidated shell arguments.
  - Evidence: `scripts/validate-resources.sh` accepts a namespace as an argument (`$1`) and uses it directly in `kubectl` commands. This pattern assumes the caller (the AI agent) has sanitized the input, posing a risk if unsanitized user input is passed.